WO2017050166A1

WO2017050166A1 - Method, apparatus and system for controlling service transmission rate

Info

Publication number: WO2017050166A1
Application number: PCT/CN2016/098961
Authority: WO
Inventors: 肖洪亮; 张大成
Original assignee: 阿里巴巴集团控股有限公司; 肖洪亮; 张大成
Priority date: 2015-09-24
Filing date: 2016-09-14
Publication date: 2017-03-30
Also published as: KR20180059448A; JP2018534830A; CN106559349A; JP6685390B2; US10484295B2; EP3355538A1; US20180212892A1; EP3355538B1; EP3355538A4; CN106559349B

Abstract

Disclosed are a method, apparatus and system for controlling a service transmission rate. The method comprises: acquiring service transmission rate information reported by service gateways in a service gateway group in a distributed environment, the service gateways being gateways that transmit data in parallel to a same destination address and limit a transmission rate of service data according to flow limiting thresholds of the service gateways; for all service gateways, when service transmission rates indicated by the service transmission rate information are greater than flow limiting thresholds corresponding to the service gateways, adjusting the flow limiting thresholds allocated to the service gateways into specified values, so as to obtain the specified values, the specified values satisfy that the sum of the specified values on the service gateways being not greater than a bandwidth allocated by a carrier to the destination address; and delivering the specified thresholds to the service gateways. The present invention resolves the technical problem of no technical solution that effectively ensures that the total traffic of flows that are limited in parallel satisfies an expected threshold after the flows pass through multiple service gateways in a distributed environment.

Description

Method, device and system for controlling traffic transmission rate

Technical field

The present invention relates to the field of network communications, and in particular to a method, device, and system for controlling a service transmission rate.

Background technique

As shown in Figure 1, multiple service gateway devices are deployed in the enterprise's egress. Traffic data coming in from the Internet (Internet) is distributed to the multiple service gateways through the equal-cost routing load on the egress router (for example, the service in Figure 1). On gateways A, B, and C). Due to the requirements of the Distributed Denial of Service (DDoS) attack or the bandwidth limitation, you need to limit the service transmission rate (also called traffic) to each destination host on the service gateway to ensure access to the intranet. The service transmission rate will not exceed the bandwidth purchased by the user, so as to avoid impact on the intranet link.

However, for this distributed deployment scenario, since each service gateway independently performs traffic limiting (that is, limits the service transmission rate), it is necessary to consider how to ensure the total traffic after parallel limiting of traffic through multiple service gateways (that is, the same purpose). The total service transmission rate of the address) meets the expected threshold.

However, for the above problems, no effective solution has been proposed yet.

Summary of the invention

The embodiment of the invention provides a method, a device and a system for controlling a service transmission rate, so as to at least solve the technology that the total traffic after the parallel traffic limiting of multiple service gateways meets an expected threshold is not effective in a distributed environment. Technical issues of the program.

According to an aspect of the present invention, a method for controlling a service transmission rate is provided, which includes: acquiring service transmission rate information reported by each service gateway in a service gateway group in a distributed environment, where each service gateway is a gateway that transmits service data to the same destination address in parallel, and limits a service transmission rate of the service data according to a respective current limit threshold; the service transmission rate information is used to indicate that the service address is for the destination address. a service transmission rate; determining, for each service gateway in the service gateway group, whether a service transmission rate indicated by the service transmission rate information is greater than the traffic restriction threshold corresponding to the service gateway; at least one determination result If yes, the current-limit thresholds that are allocated to the service gateways are adjusted to a specified value, and a specified threshold is obtained, where the specified value satisfies the following condition: the sum of the specified values on the respective service gateways is not Greater than the bandwidth allocated by the operator for the destination address; the specified threshold is sent to the location Various business gateway.

According to another aspect of the present invention, a method for controlling a service transmission rate is further provided, including: each service gateway in a service gateway group receives a specified threshold, wherein each service gateway is in parallel to the same destination address. a gateway that transmits service data and limits a service transmission rate of the service data according to a respective traffic restriction threshold, where the specified threshold is determined by: the service on any service gateway in the service gateway group And when the transmission rate is greater than the traffic limiting threshold corresponding to the service gateway, the current limiting threshold that is allocated to the service gateway is adjusted to a specified value, and the specified threshold is obtained, where the specified value meets the following The sum of the specified values on the service gateways is not greater than the bandwidth allocated by the operator for the destination address; the service gateway limits the local service data transmission rate according to the specified threshold.

According to another aspect of the present invention, a device for controlling a service transmission rate is further provided, comprising: an obtaining module, configured to acquire service transmission rate information reported by each service gateway in a service gateway group in a distributed environment, where The service transmission gateways are gateways that transmit service data to the same destination address in parallel and limit the service transmission rate of the service data according to respective traffic limiting thresholds; the service transmission rate information is used to indicate each service gateway. a service transmission rate for the destination address; a determining module, configured to determine, for each service gateway in the service gateway group, whether a service transmission rate indicated by the service transmission rate information is greater than a service gateway The current limiting threshold is configured to adjust, when the at least one determination result output by the determining module is YES, the current limiting threshold allocated to the service gateway to a specified value, to obtain a specified threshold, The specified value satisfies the following conditions: a total of the specified values on the respective service gateways Is not greater than the destination address for the operators assigned bandwidth; sending module, configured to send the specified lower threshold value of the respective service gateway.

According to another aspect of the present invention, a control device for another service transmission rate is further provided, which is applied to a service gateway in a service gateway group, where each service gateway in the service gateway group is parallel to the same destination address. a gateway that transmits the service data and limits the service transmission rate of the service data according to the respective traffic limiting thresholds. The device includes: a receiving module, configured to receive a specified threshold, where the specified threshold is determined by: The service transmission rate on any service gateway in the service gateway group is greater than the service gateway And the current-limit threshold that is allocated to the service gateways is adjusted to a specified value, and the specified threshold is obtained, where the specified value meets the following conditions: the specified on the service gateway The sum of the values is not greater than the bandwidth allocated by the operator for the destination address; and the limiting module is configured to limit the local service data transmission rate according to the specified threshold.

In the embodiment of the present invention, when the service transmission rate for the same destination address reported by each service gateway is greater than the traffic restriction threshold, the service for limiting the destination address is used on each service gateway. The threshold of the transmission rate is dynamically adjusted to limit the service transmission rate of the destination address, thereby ensuring that the total traffic (that is, the total service transmission rate of the same destination address) after parallel traffic limiting by multiple service gateways is met. The technical effect of the expected threshold further solves the technical problem of the technical solution that the total traffic after the parallel traffic limiting of multiple service gateways meets the expected threshold in the distributed environment.

DRAWINGS

The drawings described herein are intended to provide a further understanding of the invention, and are intended to be a part of the invention. In the drawing:

1 is a network architecture diagram of a distributed network environment according to the related art;

2 is a block diagram showing the hardware structure of a computer terminal for controlling a service transmission rate according to an embodiment of the present invention;

3 is a flowchart of a method of controlling a service transmission rate according to Embodiment 1 of the present invention;

4 is a schematic flow chart of an optional method for controlling a service transmission rate based on a centralized control scheme according to an embodiment of the present invention;

FIG. 5 is a schematic diagram of a control flow of an optional service transmission rate based on a centralized control scheme according to an embodiment of the present invention; FIG.

6 is a schematic diagram of a control plane processing process on a service gateway (SGW) in an optional centralized control scheme according to an embodiment of the present invention;

7 is a schematic diagram of a data plane processing process on an SGW in an optional centralized control scheme according to an embodiment of the present invention;

8 is a schematic diagram of a control flow of an optional service transmission rate based on a distributed control scheme according to an embodiment of the present invention;

9 is a schematic diagram of a control plane processing process on an SGW in an optional distributed control scheme according to an embodiment of the present invention;

10 is a schematic diagram of a data plane processing process on an SGW in an optional distributed control scheme according to an embodiment of the present invention;

11 is a schematic structural diagram of an apparatus for controlling an optional service transmission rate according to an embodiment of the present invention;

FIG. 12 is another schematic structural diagram of an apparatus for controlling an optional service transmission rate according to an embodiment of the present invention; FIG.

FIG. 13 is a diagram of another optional method for controlling a service transmission rate according to an embodiment of the present invention. Schematic diagram of the process;

FIG. 14 is a schematic structural diagram of another optional control device for a service transmission rate according to an embodiment of the present invention; FIG.

15 is a schematic structural diagram of an optional service transmission rate control system according to an embodiment of the present invention;

FIG. 16 is a structural block diagram of a computer terminal according to an embodiment of the present invention.

detailed description

The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is an embodiment of the invention, but not all of the embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts shall fall within the scope of the present invention.

It is to be understood that the terms "first", "second" and the like in the specification and claims of the present invention are used to distinguish similar objects, and are not necessarily used to describe a particular order or order. It is to be understood that the data so used may be interchanged where appropriate, so that the embodiments of the invention described herein can be implemented in a sequence other than those illustrated or described herein. In addition, the terms "comprises" and "comprises" and "the" and "the" are intended to cover a non-exclusive inclusion, for example, a process, method, system, product, or device that comprises a series of steps or units is not necessarily limited to Those steps or units, but may include not clearly listed Or other steps or units inherent to these processes, methods, products or equipment.

In the distributed deployment scenario, how to ensure that the total traffic after the parallel traffic limiting of multiple service gateways (that is, the total service transmission rate of the same destination address) meets the expected threshold, two solutions are provided in the related technologies:

1. Select an appropriate hash algorithm on the egress router to distribute the traffic to each service gateway as evenly as possible, and then configure a traffic limiting threshold after each equalization for each service gateway.

2. Selecting a hash algorithm based on the destination IP address on the egress router, so that the traffic that reaches the same destination IP address is processed by the same service gateway only, and then the actual traffic limiting threshold is configured on the corresponding service gateway.

However, both Scheme 1 and Option 2 have certain drawbacks:

For the scheme 1: the scheme relies on the load sharing algorithm that the router can support. Only after the router supports the packet-by-packet load balancing and the algorithm is configured, the traffic can be uniformly allocated to each service. However, packet-by-packet load balancing is easy to cause packet out-of-order, which occupies the processing performance of the server. In addition, if the traffic table needs to establish a flow table to monitor the connection status, packet-by-packet load balancing cannot be used. The traffic-based load balancing cannot guarantee that traffic is evenly distributed to each service gateway. Therefore, if the traffic flowing in a service gateway is less than the current-limit threshold after the equalization, the total traffic after the speed limit is smaller than expected. Current limit threshold.

For solution 2, the solution needs to allocate the traffic of the same destination IP to the same service gateway for processing. This causes the processing performance of the corresponding service gateway to be easily consumed when a certain destination IP traffic is relatively large. Traffic to other destination IPs on this service gateway.

For the above problem, the embodiment of the present invention provides a technical solution for implementing control of a service transmission rate without requiring a specific load sharing mode, which is described in detail below in conjunction with specific embodiments.

Example 1

According to an embodiment of the present invention, a method embodiment of a method for controlling a service transmission rate is provided. It is to be noted that the steps shown in the flowchart of the accompanying drawings may be executed in a computer system such as a set of computer executable instructions. And, although the logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in a different order than the ones described herein.

The method embodiment provided by Embodiment 1 of the present application can be executed in a mobile terminal, a computer terminal or the like. Taking a computer terminal as an example, FIG. 2 is a hardware structural block diagram of a computer terminal for controlling a service transmission rate according to an embodiment of the present invention. As shown in FIG. 2, computer terminal 20 may include one or more (only one shown) processor 202 (processor 202 may include, but is not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA). A memory 204 for storing data, and a transmission module 206 for communication functions. It will be understood by those skilled in the art that the structure shown in FIG. 2 is merely illustrative and does not limit the structure of the above electronic device. For example, computer terminal 20 may also include more or fewer components than those shown in FIG. 2, or have a different configuration than that shown in FIG. 2.

The memory 204 can be used to store software programs and modules of the application software, such as program instructions/modules corresponding to the control method of the service transmission rate in the embodiment of the present invention, and the processor 202 runs the software program and the module stored in the memory 204, thereby Perform various functional applications and data processing, that is, implement the vulnerability detection method of the above application. Memory 204 can include high The fast random access memory may also include non-volatile memory such as one or more magnetic storage devices, flash memory, or other non-volatile solid state memory. In some examples, memory 204 can further include memory remotely located relative to processor 202, which can be connected to computer terminal 20 over a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks, and combinations thereof.

The transmission module 206 is configured to receive or transmit data via a network. The network specific examples described above may include a wireless network provided by a communication provider of the computer terminal 20. In one example, the transmission module 206 includes a Network Interface Controller (NIC) that can be connected to other network devices through a base station to communicate with the Internet. In one example, the transmission module 206 can be a Radio Frequency (RF) module for communicating with the Internet wirelessly.

In the above operating environment, the present application provides a method for controlling the service transmission rate as shown in FIG. 3 is a flow chart showing a method of controlling a service transmission rate according to Embodiment 1 of the present invention. As shown in FIG. 3, the method includes steps S302-S308:

Step S302: Obtain service transmission rate information reported by each service gateway in the service gateway group in the distributed environment, where each service gateway transmits service data in parallel to the same destination address, and performs service data according to respective current limit thresholds. a gateway whose service transmission rate is limited; the service transmission rate information is used to indicate a service transmission rate for a destination address on each service gateway;

In an optional embodiment, the service transmission rate for the same destination address may be expressed as: a rate on each service gateway used for offloading the service data of the destination address. And, for example, the number of service gateways for the service data of the same destination address in the gateway group is 5, and the service transmission rates for the destination addresses on the five service gateways are: 10 k/s, 20 k/s, 40 k/ s, 50k/s, 70k/s, for the destination address, the service transmission rate of the destination address should be: (10+20+40+50+70) k/s, ie 190k/s.

Optionally, the step of obtaining the service transmission rate information in the service gateway group may be performed by using a centralized control device (ie, a control center) to receive the foregoing information reported by each service gateway in the service gateway group. The service transmission rate information may be received by a service gateway selected by the foregoing service gateway group according to a preset rule (for example, using a hash algorithm).

It should be noted that, in the embodiment of the present invention, each service gateway in the service gateway group can receive the service data from multiple destination addresses at the same time. The embodiment of the present invention is convenient for description, and only the service data for the same destination address can be considered. The service transmission rate, however, is not limited to the implementation shown in the embodiment of the present invention.

In an optional embodiment, the service transmission rate information may be expressed as a value indicating a size of the service transmission rate, and may also be expressed as an indication information, where the indication information is used to indicate the foregoing service transmission rate, for example, using a locally stored mapping. The relationship table (the mapping relationship table stores the correspondence between the indication information and the service transmission rate) to obtain the foregoing service transmission rate.

It should be noted that the service gateway group is composed of a service gateway in a distributed environment, and may be a service gateway that performs traffic distribution on the same destination IP address, that is, traffic used to share the same destination address (here, it may be represented as a service). Data) of the service gateway.

Step S304, determining, for each service gateway in the service gateway group, whether the service transmission rate indicated by the service transmission rate information is greater than a traffic limiting threshold corresponding to the service gateway;

Optionally, the foregoing traffic limiting threshold may be preset or may be pre-allocated by the foregoing service gateways. For the latter, the following implementation manner may be implemented: the service transmission reported by the service gateway group in the acquired distributed environment. Before the rate information, the traffic limiting threshold is allocated to each service gateway in the service gateway group, where the traffic limiting thresholds allocated for each service gateway are the same.

In step S306, when the at least one determination result is YES, the current-limit threshold allocated to each service gateway is adjusted to a specified value, and a specified threshold is obtained, where the specified value satisfies the following condition: the sum of the specified values on each service gateway is not greater than the operation. The quotient is the bandwidth allocated by the destination address; thus, since the sum of the specified thresholds is not greater than the bandwidth allocated by the operator for the destination address, it can be ensured that the service transmission rate of the destination address does not exceed the above bandwidth. In fact, the sum of the current-limit thresholds assigned to the respective gateways is generally determined according to the bandwidth allocated by the operator for the destination address, that is, the sum of the traffic-limit thresholds is not greater than the foregoing bandwidth.

In an optional embodiment, the specified threshold may be determined according to the following process: obtaining the proportion of the service transmission rate on each service gateway in the total service transmission rate, where the total service transmission rate is all in the service gateway group. The service gateway performs a summation operation on the transmission rate of the destination address; the specified threshold is reassigned to each service gateway in the service gateway group according to the ratio and the bandwidth. Specifically, the principle of the above implementation process can be expressed by the following formula:

Th=(x/S)*B, where Th is the specified threshold, x is the service transmission rate on each service gateway in the service gateway group, S is the total service transmission rate, B is a constant, and the operator is the above purpose. The bandwidth allocated by the address is equal, and can also be expressed as each service gateway in the service gateway group. The sum of the current-limit thresholds for the above destination addresses.

In addition, it can be seen from the foregoing that the traffic limiting threshold and the specified threshold are not for one device, but for all service gateways corresponding to the destination address in the service gateway group, that is, the traffic limiting threshold and A given threshold can be understood as a set of thresholds or a type of threshold.

In step S308, the specified threshold is sent to each service gateway in the service gateway group, so that the service gateway can limit the service transmission rate for the destination address according to the specified threshold, thereby implementing traffic limiting.

In an optional embodiment, the service gateway may be a real service gateway device, or a service unit in the distributed device that can perform independent operations, and for the latter, it may be represented as a device with multiple independent CPUs, or Line card plug-in device for line cards. In addition, the service gateway can simultaneously limit the service transmission rate of multiple destination addresses.

It should be noted that the destination address in the embodiment of the present invention may be represented by an IP address, or an identifier for indicating an IP address, and the like, but is not limited thereto.

As above, step S302 can be implemented by a centralized control scheme and a distributed control scheme. In fact, the control method of the service transmission rate provided in the embodiment of the present invention is also applicable to a centralized control device or service in a distributed environment. Among the specified service gateways in the gateway group, where the centralized control device is a device other than the service gateway in the service gateway group in the distributed environment.

For a centralized control device, it may be a newly added type of device in a distributed environment, or may be another device that can implement centralized control, which is not limited herein. For a given business The gateway determines, by performing a hash operation on the destination address, obtaining a hash value corresponding to the destination address, and selecting, from the service gateway group, a service gateway corresponding to the hash value as the specified Service gateway.

The hash algorithm converts an input of arbitrary length (also called pre-map) into a fixed-length output through a hashing algorithm, and the output is a hash value. This conversion is a compression map, that is, the space of the hash value is usually much smaller than the input space, and different inputs may be hashed to the same output.

In an alternative embodiment, the above selection process can be implemented in the following manner:

The traffic of different destination IPs (that is, the service transmission rate) is allocated to the service gateways through a certain hash algorithm f(key). The key in the algorithm function is the destination IP address here. For example, if there are four service gateways, the hash algorithm can be used to convert the 32-bit destination IP address into a 2-bit hash value. The destination IP address with the hash value of 0 sends its traffic data to service gateway A. The hash value is The destination IP of 1 sends its traffic data to service gateway B. The destination IP with hash value of 2 sends its traffic data to service gateway C. The destination IP with hash value of 3 sends its traffic data to service gateway D. .

It should be noted that the above two control schemes are only different control logics, that is, one is centralized control and the other is distributed control. However, the main design ideas of the two control modes are the same, that is, according to each The traffic size on the service gateway (that is, the service transmission rate) dynamically adjusts its corresponding traffic limiting threshold (that is, the threshold for limiting the traffic transmission rate). The following two control schemes are described in detail in conjunction with specific embodiments.

Option 1, centralized control scheme

In the control scheme, data collection, real-time calculation of thresholds, and delivery thereof are implemented on a centralized control center (ie, centralized control device). Each service gateway periodically reports the traffic size of each destination IP (that is, the size of the service transmission rate) to the control device. As shown in Figure 4, the specific implementation process of the control scheme is as follows:

S402: Initially, the control center sets an actual current limit threshold of each destination IP according to the number of service gateways (SGWs) (corresponding to the sum B of the current limiting thresholds in the foregoing embodiments, generally with the operator for the above purpose) The bandwidth of the address allocation is equal, and is divided into Limit_Threshold/N, and then the traffic limiting threshold after the destination IP address is evenly distributed (that is, the current limiting threshold in the embodiment shown in FIG. 3) is sent to each SGW, where N represents the SGW. The number is a positive integer;

S404: Each SGW performs real-time statistics on the service transmission rate (or the traffic) of the destination IP address, and periodically reports the service transmission rate to the destination IP address to the centralized control device (for example, 5s);

S406: The centralized control device analyzes and summarizes the traffic information in real time. After discovering that the service transmission rate of a destination IP address on a certain SGW exceeds the traffic limiting threshold, the data is reported for each SGW according to the data reported by each SGW. The new current limit threshold (that is, the specified threshold). The calculation method is as follows: the service transmission rate of each destination IP address reported by each SGW is DIP_SGW1_Rate, DIP_SGW2_Rate, DIP_SGWN_Rate, and the total transmission rate (DIP_Total_Rate) of the destination IP address is superimposed, and then according to the rate carried on each SGW. The proportional size calculates the specified threshold. For example, the specified threshold on SGW1 will be (DIP_SGW1_Rate/DIP_Total_Rate)*Limit_Threshold and will be on each SGW. The corresponding specified threshold is sent to the corresponding SGW, where the Limit_Threshold is the total threshold of the destination IP address, and may be the bandwidth allocated by the operator for the destination IP address, for example, the user-defined bandwidth corresponding to the destination IP address. 10M/S, at this time, the total threshold Limit_Threshold is 10M/S, and the sum of DIP_SGW1_Rate, DIP_SGW2_Rate·····DIP_SGWN_Rate does not exceed 10M/S;

S408: The specified threshold (DIP_SGWN_Rate/DIP_Total_Rate)*Limit_Threshold is sent to enable the SGW to perform traffic limiting according to the specified threshold (that is, limit the service transmission rate of the destination IP address on the SGW)

S410: Steps S402-S408 are repeated, and the threshold is adjusted once every period until the service transmission rate on all SGWs is smaller than the traffic limiting threshold (that is, the total service transmission rate for the destination IP address output on the SGW is smaller than the traffic limiting threshold).

The SGW in FIG. 4 represents a service unit in a service gateway or a distributed device, and the ICS represents a centralized control system, that is, a control device.

The control flow for the centralized control device is as shown in FIG. 5, and includes the following processing steps:

Step S502: The initial traffic limiting threshold (ie, the traffic limiting threshold) is sent to all service gateways (SGWs) in the service gateway group.

Step S504, receiving a service transmission rate reported by each SGW;

Step S506, summarizing service transmission rates of the same destination IP address;

Step S508, determining whether the service transmission rate on a certain SGW is greater than a corresponding current limiting threshold. Value, if yes, go to step S510, otherwise go to step S504;

Step S510, calculating a specified threshold for each SGW for the destination IP address according to a ratio of the current service transmission rate in the total service transmission rate (ie, the customized bandwidth);

Step S512, the updated specified threshold is sent to each SGW.

The control plane processing flow on each SGW is as shown in FIG. 6, and includes the following processing steps:

Step S602, determining whether there is a message input, and if yes, proceeding to step S604, otherwise waiting;

Step S604, receiving a specified threshold delivered by the centralized control device;

Step S606, updating the current limit threshold for the destination IP address to a specified threshold.

The data plane processing flow on each SGW is as shown in FIG. 7, and includes the following processing steps:

Step S702, receiving a message;

Step S704, the service transmission rate (ie, the traffic) of the destination IP address is counted;

Step S706, it is determined whether the service transmission rate exceeds the current limit threshold, if yes, then go to step S708, otherwise go to step S702;

Step S708, performing a current limiting process, that is, limiting a service transmission rate;

Step S710, sending a traffic log.

Step S712, the service gateway performs other processing, and proceeds to step S704, where other The processing may be performed as data forwarding, for example, when the service gateway is a firewall device, the other processing may be represented by Network Address Translation (NAT) or Virtual Private Network (VPN) access.

Option 2, distributed control scheme

Through a certain hashing method, data collection, real-time calculation, and threshold distribution of different destination IPs are distributed on different service gateways. At the same time, the threshold calculation of the same destination IP is centralized on one service gateway, and other services are processed. The traffic logs of the destination IP address are reported to the service gateway. As shown in Figure 8, the specific implementation process is as follows:

Step S802: Initially, the administrator configures each SGW to configure the same traffic limiting threshold (ie, the traffic limiting threshold) for the destination IP, and creates the same SGW group on each SGW, and adds all SGWs to the SGW. group;

Step S804: Each SGW performs real-time statistics on the service transmission rate of the destination IP, performs hash operation based on the destination IP address, selects an SGW from the SGW group to process the threshold calculation of the destination IP address according to the operation result, and periodically reports to the SGW. The service transmission rate of the destination IP address is reported. For example, each SGW sends the service transmission rate of the destination IP address to the IP-A to the SGW2 (the following steps are exemplified by IP-A and SGW2);

Step S806: SGW2 analyzes and summarizes the service transmission rate of the IP-A. After discovering that the service transmission rate of the IP-A on a certain SGW exceeds the traffic limiting threshold, the SGW calculates the data reported by each SGW for each SGW. The new current limit threshold (that is, the specified threshold). The calculation method is as follows: it is assumed that the service transmission rate of each IP-A reported by each SGW is DIP_SGW1_Rate, DIP_SGW2_Rate, DIP_SGWN_Rate, superimposed to get the total traffic value of IP-A (represented by DIP_Total_Rate), and then calculate the new limit according to the proportion of the traffic carried on each SGW (that is, the proportion of the service transmission rate in the total traffic value) Flow threshold. For example, the traffic limiting threshold on SGW1 will be (DIP_SGW1_Rate/DIP_Total_Rate)*Limit_Threshold, and the corresponding new traffic limiting threshold on each SGW is sent to the corresponding SGW;

Step S808: Steps S804-S808 are repeated, that is, the threshold is adjusted once every period until the service transmission rate on all SGWs is smaller than the current limit threshold (specified threshold).

The control plane processing flow on each SGW is as shown in FIG. 9 and includes the following steps:

Step S902, receiving service transmission rate information reported by each SGW;

Step S904, summarizing service transmission rates of the same destination IP address;

Step S906, it is determined whether the service transmission rate on a certain SGW is greater than the corresponding current limit threshold (ie, the current limit threshold), if yes, go to step S908, otherwise, go to step S902;

Step S908: Calculate a specified threshold for each SGW for the destination IP address according to a ratio of the current service transmission rate in the total service transmission rate.

Step S910, the updated specified threshold is sent to each SGW.

The data plane processing flow on each SGW is as shown in FIG. 10, and includes the following steps:

Step S1002, receiving a message;

Step S1004, the service transmission rate (ie, traffic) of the destination IP address is counted;

In step S1006, it is determined whether the service transmission rate exceeds the current limit threshold, and if so, the step is changed. Step S1008, otherwise step S1010;

Step S1008, performing a current limiting process, that is, limiting a service transmission rate;

Step S1010: Perform a hash operation on the destination IP address to obtain a hash value.

Step S1012, selecting a corresponding SGW from the SGW group according to the hash value;

Step S1014, sending a service transmission rate to the selected SGW;

In step S1016, the service gateway performs other processing.

It should be noted that, for the foregoing method embodiments, for the sake of simple description, they are all expressed as a series of action combinations, but those skilled in the art should understand that the present invention is not limited by the described action sequence. Because certain steps may be performed in other sequences or concurrently in accordance with the present invention. In addition, those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.

Through the description of the above embodiments, those skilled in the art can clearly understand that the method according to the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course, by hardware, but in many cases, the former is A better implementation. Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk, The optical disc includes a number of instructions for causing a terminal device (which may be a cell phone, a computer, a server, or a network device, etc.) to perform the methods of various embodiments of the present invention.

Example 2

According to an embodiment of the present invention, there is also provided an apparatus for implementing a control method of a service transmission rate, which may be applied to a computer terminal, but the function or structure completed by the computer terminal is not limited to the computer in Embodiment 1. In the terminal. For example, the computer terminal in this embodiment may be represented by the centralized control device in the first embodiment or the designated service gateway in the SGW group. For details, refer to the description in Embodiment 1, and details are not described herein again. As shown in Figure 11, the device includes:

The obtaining module 110 is configured to obtain the service transmission rate information reported by each service gateway in the service gateway group in the distributed environment, where each service gateway transmits the service data in parallel to the same destination address, and performs the service according to the respective traffic limiting thresholds. a gateway for limiting the service transmission rate of data; the service transmission rate information is used to indicate a service transmission rate for the destination address on each service gateway;

The determining module 112 is connected to the obtaining module 110, and is configured to determine, for each service gateway in the service gateway group, whether the service transmission rate indicated by the service transmission rate information is greater than a traffic limiting threshold corresponding to the service gateway;

The adjustment module 114 is connected to the determining module 112, and is configured to adjust the current limiting threshold allocated to each service gateway to a specified value when the at least one determination result output by the determining module 112 is YES, to obtain a specified threshold, wherein the specified value is satisfied. The following conditions: The sum of the specified values on each service gateway is not greater than the bandwidth allocated by the carrier for the destination address;

The sending module 116 is connected to the adjusting module 114, and is configured to send the specified threshold to each of the foregoing service gateways.

The functions implemented by the above modules can also limit the service transmission rate of the destination address, so as to ensure that the total traffic after the parallel restriction of multiple service gateways (that is, the total service transmission rate of the same destination address) is in line with expectations. Threshold.

Optionally, as shown in FIG. 12, the adjustment module 114 may include the following processing unit:

The obtaining unit 1140 is configured to obtain a proportion of the service transmission rate of each service gateway in the total service transmission rate, where the total service transmission rate is used for the service transmission rate of the destination address on all service gateways in the service gateway group. The operation unit 1142 is connected to the obtaining unit 1140, and is configured to determine, according to the ratio and the bandwidth, a specified threshold that is reassigned to each service gateway in the service gateway group.

It should be noted that, in the optional embodiment of the present embodiment, reference may be made to the embodiment in the method for controlling the service transmission rate in Embodiment 1, and details are not described herein again.

In addition, each module involved in this embodiment may be implemented by software or hardware. For the latter, the following forms may be used: each of the above modules is located in the same processor, or each module is located in a different processor. Or, each of the above modules is located in a plurality of processors in any combination, but is not limited to the above expressions.

Example 3

In this embodiment, a service transmission rate control method is provided on the service gateway side. As shown in FIG. 13, the method includes:

Step S1302: Each service gateway in the service gateway group receives a specified threshold, where each service gateway transmits service data in parallel to the same destination address, and according to respective current limit thresholds. For gateways that limit the service transmission rate of service data, the specified threshold is determined by:

When the service transmission rate on any service gateway in the service gateway group is greater than the traffic restriction threshold corresponding to the service gateway, the traffic limiting threshold assigned to each service gateway is adjusted to a specified value, and the specified threshold is obtained. Condition: The sum of the specified values on each service gateway is not greater than the bandwidth allocated by the carrier for the destination address;

Step S1304: The service gateway limits the local service data transmission rate according to the specified threshold.

In an optional embodiment, the specified threshold may be determined by: Th = (x / S) * B, where Th is a specified threshold, and x represents a service transmission rate on each service gateway in the service gateway group, S Indicates the total service transmission rate, where the total service transmission rate is obtained by summing the transmission rate of the destination address on all service gateways in the service gateway group.

Optionally, the method for controlling the service transmission rate provided by the embodiment of the present invention may be implemented by using a designated service gateway in a control center or a service gateway group, for example, before the service gateway in the service gateway group receives the specified threshold, the service gateway The localized control device in the distributed environment or the specified service gateway in the service gateway group reports the local service transmission rate for the destination address. In fact, the above process of the present embodiment embodies two control schemes: a centralized control scheme and a distributed control scheme. For a specific implementation manner of the two control schemes, refer to the description in Embodiment 1, and details are not described herein again.

Optionally, before the service gateway in the service gateway group receives the specified threshold, the service gateway obtains the traffic limiting threshold, and configures the traffic limiting threshold for the service gateway, where the service gateway receives the limit. The flow threshold is equal to the traffic limiting threshold configured by other service gateways in the service gateway group. It should be noted that the meaning of “acquisition” herein includes, but is not limited to, receiving from a third-party device (for example, a centralized control device or other service gateway, etc.); local configuration (for example, may be manually configured by an administrator, etc.).

Example 4

The embodiment provides a control device for the service transmission rate, which is used to implement the method for controlling the service transmission rate in the embodiment 3. The device can be applied to the service gateway in the service gateway group, where each of the service gateway groups The service gateway is a gateway that performs parallel offload transmission for service data of the same destination address; the service transmission rate information is used to indicate a service transmission rate for the destination address on the service gateway. As shown in Figure 14, the device includes:

The receiving module 140 is configured to receive a specified threshold; wherein the specified threshold is determined by:

The limiting module 142 is coupled to the receiving module 140 for limiting the local service data transmission rate according to the specified threshold.

Optionally, the foregoing specified threshold may be determined by: Th=(x/S)*B, where Th is a specified threshold, and x represents a service transmission rate on each service gateway in the service gateway group, S Indicates the total service transmission rate. The total service transmission rate is obtained by summing the transmission rate of the destination address on all service gateways in the service gateway group.

It should be noted that, in the optional embodiment of this embodiment, reference may be made to the embodiment in the method for controlling the service transmission rate in Embodiments 1 and 3, and details are not described herein again.

In addition, each module involved in this embodiment may be implemented by software or hardware. For the latter, the following forms may be adopted: the receiving module 140 and the limiting module 142 are located in the same processor; or, the receiving module 140 and the limiting module 142 are located in the first processor and the second processor, respectively.

Example 5

This embodiment is a centralized control scheme, that is, data collection and aggregation, and threshold calculation and delivery are implemented on a centralized control device. This embodiment provides a control system for service transmission rate, as shown in FIG. The control system includes: a centralized control device 150 and a service gateway group 152, wherein

The centralized control device 150 is configured to receive the service transmission rate information reported by each service gateway in the service gateway group, and when there is a service transmission rate greater than the traffic restriction threshold in the service transmission rate of each service gateway, the service will be used for each service. The traffic limiting threshold of the gateway is adjusted to a specified value to obtain a specified threshold; and the specified threshold is sent to each service gateway; wherein each service gateway transmits the service data in parallel to the same destination address, and the service is performed according to the respective traffic limiting thresholds. The gateway for limiting the service transmission rate of the data; the service transmission rate information is used to indicate the service transmission rate for the destination address on each service gateway; the specified value satisfies the following conditions: each service network The sum of the specified values is not greater than the bandwidth allocated by the carrier for the destination address;

Each service gateway in the service gateway group 152 is configured to report service transmission rate information and limit the service transmission rate for the destination IP address on each service gateway according to the received specified threshold.

It should be noted that, for the other implementation functions of the centralized control device and the service gateway group in this embodiment, refer to the related description in Embodiment 1-4, and details are not described herein again.

Example 6

The solution provided in this embodiment is a distributed control solution, that is, the data collection, the real-time calculation, and the threshold issuance of different destination addresses are distributed on different service gateways by using a preset rule (for example, a hash operation rule). To ensure that the threshold of the same destination address is calculated on a service gateway, and the service transmission rate information of the destination address is reported to the service gateway. An embodiment of the present invention provides a control system for a service transmission rate, where the system includes: a service gateway group, where

The specified service gateway in the service gateway group is configured to receive service transmission rate information reported by other service gateways in the service gateway group except the designated service gateway; and the service transmission rate on any service gateway in the service gateway group is greater than The traffic threshold corresponding to the service gateway is adjusted to a specified value for each service gateway, and the specified threshold is obtained; and the specified threshold is sent to other service gateways;

Each service gateway is a gateway that transmits service data in parallel to the same destination address, and limits the service transmission rate of the service data according to the respective traffic limiting thresholds; the service transmission rate The information is used to indicate the service transmission rate for the destination address on the service gateway; the specified value satisfies the following condition: the sum of the specified values on each service gateway is not greater than the bandwidth allocated by the operator for the destination address.

Optionally, the service gateway is configured as a service gateway that is determined by: hashing data of the destination address, and selecting a specified service gateway from the service gateway group according to the operation result.

Example 7

Embodiments of the present invention may provide a computer terminal, which may be any one of computer terminal groups. Optionally, in this embodiment, the foregoing computer terminal may also be replaced with a terminal device such as a mobile terminal.

Optionally, in this embodiment, the computer terminal may be located in at least one network device of the plurality of network devices of the computer network.

In this embodiment, the computer terminal may execute the program code of the following steps in the method for controlling the service transmission rate: acquiring the service transmission rate information reported by each service gateway in the service gateway group in the distributed environment, where each service gateway is a gateway that transmits service data in parallel to the same destination address and limits the service transmission rate of the service data according to the respective traffic restriction thresholds; the service transmission rate information is used to indicate the service transmission rate for the destination address on each service gateway; Each service gateway in the gateway group determines whether the service transmission rate indicated by the service transmission rate information is greater than a traffic restriction threshold corresponding to the service gateway; at least one judgment When the result is YES, the current-limit thresholds assigned to the service gateways are adjusted to the specified values, and the specified thresholds are obtained. The specified values meet the following conditions: the sum of the specified values on each service gateway is not greater than the bandwidth allocated by the carrier for the destination address. The specified threshold is sent to each service gateway.

Optionally, FIG. 16 is a structural block diagram of a computer terminal according to an embodiment of the present invention. As shown in FIG. 16, the computer terminal A may include one or more (only one shown in the figure) processor 161, memory 163, and transmission device 165.

The memory 163 can be used to store software programs and modules, such as the security vulnerability detection method and the program instruction/module corresponding to the device in the embodiment of the present invention, and the processor 161 executes by executing the software program and the module stored in the memory 163. Various functional applications and data processing, that is, detection methods for implementing the aforementioned system vulnerability attacks. Memory 163 may include high speed random access memory, and may also include non-volatile memory such as one or more magnetic storage devices, flash memory, or other non-volatile solid state memory. In some examples, memory 163 can further include memory remotely located relative to processor 161, which can be connected to terminal A over a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks, and combinations thereof.

The transmission device 165 described above is for receiving or transmitting data via a network. Specific examples of the above network may include a wired network and a wireless network. In one example, the transmission device 165 includes a Network Interface Controller (NIC) that can be connected to other network devices and routers via a network cable to communicate with the Internet or a local area network. In one example, the transmission device 165 is a Radio Frequency (RF) module for communicating with the Internet wirelessly.

Specifically, the memory 163 is configured to store preset action conditions and information of the preset rights user, and an application.

The processor 161 can call the information and the application stored by the memory 163 through the transmission device to perform the following steps: obtaining the proportion of the service transmission rate on each service gateway in the total service transmission rate, where the total service transmission rate is All the service gateways in the service gateway group are summed with the transmission rate of the destination address; the specified threshold is re-allocated for each service gateway in the service gateway group according to the ratio and bandwidth.

Optionally, the processor 161 may further execute the following program code: select a service gateway from the service gateway group as the designated service gateway according to the hash algorithm.

The technical problem of the technical solution that the total traffic after the parallel traffic limiting of multiple service gateways meets the expected threshold is not solved in the distributed environment.

A person skilled in the art can understand that the structure shown in FIG. 16 is only an illustration, and the computer terminal can also be a smart phone (such as an Android mobile phone, an iOS mobile phone, etc.), a tablet computer, an applause computer, and a mobile Internet device (MID). Terminal equipment such as PAD. Fig. 16 does not limit the structure of the above electronic device. For example, computer terminal A may also include more or fewer components (such as a network interface, display device, etc.) than shown in FIG. 16, or have a different configuration than that shown in FIG.

A person of ordinary skill in the art may understand that all or part of the steps of the foregoing embodiments may be completed by a program to instruct terminal device related hardware, and the program may be stored in a computer readable storage medium, and the storage medium may be Including: flash drive, read-only memory (Read-Only Memory, ROM), Random Access Memory (RAM), disk or optical disk.

Example 8

Embodiments of the present invention also provide a storage medium. Optionally, in this embodiment, the foregoing storage medium may be used to save the program code executed by the control method of the service transmission rate provided in Embodiment 1 above.

Optionally, in this embodiment, the foregoing storage medium may be located in any one of the computer terminal groups in the computer network, or in any one of the mobile terminal groups.

Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: acquiring service transmission rate information reported by each service gateway in the service gateway group in the distributed environment, where each service gateway a gateway for transmitting service data in parallel to the same destination address, and limiting the service transmission rate of the service data according to the respective current limit thresholds; the service transmission rate information is used to indicate the service transmission rate for the destination address on each service gateway; Each service gateway in the service gateway group determines whether the service transmission rate indicated by the service transmission rate information is greater than a traffic restriction threshold corresponding to the service gateway; and when at least one of the determination results is yes, the traffic restriction is allocated for each service gateway. The threshold is adjusted to the specified value, and the specified threshold is obtained. The specified value meets the following conditions: the sum of the specified values on each service gateway is not greater than the bandwidth allocated by the operator for the destination address; the specified threshold is sent to each service gateway.

It should be noted here that any one of the above computer terminal groups can be associated with a website service. The scanner establishes a communication relationship with the scanner, and the scanner can scan the value command of the web application executed by php on the computer terminal.

Example 9

The embodiment of the present invention may provide a computer terminal, which may be the same terminal as the computer terminal described in Embodiment 7, but the function is different from that implemented by the computer terminal in Embodiment 7. For the specific structure, refer to FIG. 16 , and details are not described herein again.

In this embodiment, the computer terminal may execute the program code of the following steps in the control method of the service transmission rate: each service gateway in the service gateway group receives the specified threshold, where each service gateway transmits the service data in parallel to the same destination address. And the gateway that limits the service transmission rate of the service data according to the respective traffic limiting thresholds, and the specified threshold is determined by: the service transmission rate on any service gateway in the service gateway group is greater than the traffic limiting threshold corresponding to the service gateway. The traffic-limit thresholds that are assigned to the service gateways are adjusted to the specified values, and the specified thresholds are obtained. The specified value meets the following conditions: the sum of the specified values on the service gateways is not greater than the bandwidth allocated by the carrier for the destination address; Limits the local service data transmission rate based on the specified threshold.

The memory 163 in the computer terminal shown in FIG. 16 can be used to store a software program and a module, such as a method for controlling a service transmission rate and a program instruction/module corresponding to the device in the embodiment of the present invention.

The processor 161 can call the information and the application stored in the memory 163 through the transmission device. To perform the following steps: the service gateway reports the local service transmission rate to the destination address to the designated service gateway in the centralized control device or the service gateway group in the distributed environment.

Optionally, the processor 161 may further execute the following program code: the service gateway obtains a traffic limiting threshold and configures a traffic limiting threshold for the service gateway, where the traffic limiting threshold configured by the service gateway and other service gateways in the service gateway group are configured. The configured current limit thresholds are equal.

Example 10

Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: each service gateway in the service gateway group receives a specified threshold, wherein each service gateway transmits the service in parallel to the same destination address. The data, and the gateway that limits the service transmission rate of the service data according to the respective traffic limiting thresholds, the specified threshold is determined by: the service transmission rate on any service gateway in the service gateway group is greater than the traffic restriction corresponding to the service gateway. When the threshold is set, the traffic-limit thresholds that are assigned to the service gateways are adjusted to the specified values, and the specified thresholds are obtained. The specified value meets the following conditions: the sum of the specified values on the service gateways is not greater than the bandwidth allocated by the carrier for the destination address; The gateway limits the local service data transmission rate according to the specified threshold.

It should be noted here that any one of the above computer terminal groups can establish a communication relationship with the website server and the scanner, and the scanner can scan the value command of the web application executed by php on the computer terminal.

The serial numbers of the embodiments of the present invention are merely for the description, and do not represent the advantages and disadvantages of the embodiments.

In the above-mentioned embodiments of the present invention, the descriptions of the various embodiments are different, and the parts that are not detailed in a certain embodiment can be referred to the related descriptions of other embodiments.

In the several embodiments provided by the present application, it should be understood that the disclosed service gateway can be implemented in other manners. The device embodiments described above are merely illustrative. For example, the division of a unit is only a logical function division. In actual implementation, there may be another division manner. For example, multiple units or components may be combined or may be integrated into Another system, or some features can be ignored or not executed. In addition, the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, unit or module, and may be electrical or otherwise.

The units described as separate components may or may not be physically separate, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. You can choose some of them according to your actual needs. Or all units to achieve the purpose of the solution of the embodiment.

In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.

An integrated unit, if implemented in the form of a software functional unit and sold or used as a standalone product, can be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium. A number of instructions are included to cause a computer device (which may be a personal computer, server or network device, etc.) to perform all or part of the steps of the various embodiments of the present invention. The foregoing storage medium includes: a U disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk, and the like. .

The above is only a preferred embodiment of the present invention, and it should be noted that those skilled in the art can also make several improvements and retouchings without departing from the principles of the present invention. These improvements and retouchings should also be considered. It is the scope of protection of the present invention.

Claims

A method for controlling a service transmission rate, comprising:

Acquiring the service transmission rate information reported by each service gateway in the service gateway group in the distributed environment, where the service gateways transmit the service data in parallel to the same destination address, and the service data is used according to the respective traffic limiting thresholds. a gateway for limiting a service transmission rate; the service transmission rate information is used to indicate a service transmission rate for the destination address on each service gateway;

Determining, by each service gateway in the service gateway group, whether the service transmission rate indicated by the service transmission rate information is greater than the traffic restriction threshold corresponding to the service gateway;

When the at least one of the determination results is YES, the current-limit thresholds that are allocated to the service gateways are adjusted to a specified value, and the specified threshold is obtained, where the specified value meets the following conditions: The sum of the specified values is not greater than the bandwidth allocated by the operator for the destination address;

And sending the specified threshold to the service gateways.
The method of claim 1 wherein said specified threshold is determined by:

Obtaining a ratio of the service transmission rate in each service gateway to a total service transmission rate, where the total service transmission rate is a service transmission rate for the destination address on all service gateways in the service gateway group Perform a sum operation;

And determining, according to the ratio and the bandwidth, the specified threshold that is reassigned to each service gateway in the service gateway group.
The method according to claim 1, wherein before the obtaining the service transmission rate information reported by the service gateway group in the distributed environment, the method further includes:

The traffic limiting threshold is allocated to each service gateway in the service gateway group, where the traffic limiting thresholds allocated for the service gateways are the same.
The method according to claim 1, wherein the method is applied to a centralized control device in the distributed environment or a specified service gateway in the service gateway group, wherein the centralized control device A device other than the service gateway in the service gateway group in the distributed environment.
The method according to any one of claims 1 to 4, wherein the designated service gateway determines that the destination address is hashed to obtain a hash value corresponding to the destination address. And selecting, by the service gateway group, a service gateway corresponding to the hash value as the designated service gateway.
A method for controlling a service transmission rate, comprising:

The service gateways in the service gateway group receive the specified thresholds, where the service gateways are gateways that transmit service data to the same destination address in parallel, and limit the service transmission rate of the service data according to the respective traffic restriction thresholds. The specified threshold is determined by:

The service transmission rate on any of the service gateway groups is greater than When the traffic limiting threshold is corresponding to the service gateway, the traffic limiting threshold that is allocated to the service gateway is adjusted to a specified value, and the specified threshold is obtained, where the specified value meets the following conditions: The sum of the specified values on the gateway is not greater than the bandwidth allocated by the operator for the destination address;

The service gateway limits the local service data transmission rate according to the specified threshold.
The method of claim 6 wherein said specified threshold is determined by:

Th=(x/S)*B, where Th is the specified threshold; x represents the service transmission rate on each service gateway in the service gateway group; S represents the total service transmission rate; B is a constant, The bandwidth allocated by the operator for the destination address is equal; the total service transmission rate is obtained by performing a sum operation on the transmission rate of the destination address on all service gateways in the service gateway group.
The method according to claim 6, wherein before the service gateway in the service gateway group receives the specified threshold, the method further includes:

The service gateway reports the local service transmission rate for the destination address to the centralized control device in the distributed environment or the specified service gateway in the service gateway group.
The method according to any one of claims 6 to 8, wherein before the service gateway in the service gateway group receives the specified threshold, the method further includes:

The service gateway acquires the traffic limiting threshold and configures the traffic limiting for the service gateway a threshold, wherein the traffic limiting threshold configured by the service gateway is equal to the traffic limiting threshold configured by other service gateways in the service gateway group.
A control device for a service transmission rate, comprising:

The obtaining module is configured to obtain the service transmission rate information reported by each service gateway in the service gateway group in the distributed environment, where the service gateways transmit the service data in parallel to the same destination address, and according to the respective traffic limiting thresholds a gateway that limits the service transmission rate of the service data; the service transmission rate information is used to indicate a service transmission rate for the destination address on each service gateway;

a determining module, configured to determine, for each service gateway in the service gateway group, whether a service transmission rate indicated by the service transmission rate information is greater than the traffic limiting threshold corresponding to the service gateway;

And an adjustment module, configured to: when the at least one determination result output by the determining module is YES, adjust the current limiting threshold that is allocated to each service gateway to a specified value, to obtain a specified threshold, where the specified value is satisfied The following conditions: the sum of the specified values on the service gateways is not greater than the bandwidth allocated by the operator for the destination address;

And a sending module, configured to send the specified threshold to the service gateways.
The apparatus according to claim 10, wherein the adjustment module comprises:

An obtaining unit, configured to obtain a proportion of the service transmission rate in each service gateway in a total service transmission rate, where the total service transmission rate is used on the service gateways of the service gateway group for the purpose The service transmission rate of the address is summed and calculated. To

And a determining unit, configured to determine, according to the ratio and the bandwidth, the specified threshold that is reassigned to each service gateway in the service gateway group.
A service transmission rate control device is applied to a service gateway in a service gateway group, wherein each service gateway in the service gateway group transmits service data in parallel to the same destination address, and according to respective current limit thresholds, A gateway for limiting the service transmission rate of service data, characterized in that the device comprises:

And a receiving module, configured to receive a specified threshold, wherein the specified threshold is determined by:

And when the service transmission rate on any one of the service gateway groups is greater than a traffic limiting threshold corresponding to the service gateway, the current limiting threshold allocated to each service gateway is adjusted to a specified value, Obtaining the specified threshold, where the specified value satisfies the condition that the sum of the specified values on the service gateways is not greater than the bandwidth allocated by the operator for the destination address;

And a limiting module, configured to limit the local service data transmission rate according to the specified threshold.
The apparatus of claim 12 wherein said specified threshold is determined by:

Th=(x/S)*B, where Th is the specified threshold; x represents the service transmission rate on each service gateway in the service gateway group; S represents the total service transmission rate; The constant is equal to the bandwidth allocated by the operator for the destination address; the total service transmission rate is obtained by performing a sum operation on the transmission rate of the destination address on all service gateways in the service gateway group.
A control system for a service transmission rate, comprising: a centralized control device and a service gateway group, wherein

The centralized control device is configured to receive service transmission rate information reported by each service gateway in the service gateway group, and when there is a service transmission rate greater than a traffic limiting threshold in the service transmission rate on each service gateway And the specified traffic threshold is set to a specified value, and the specified threshold is obtained, and the specified threshold is sent to the service gateways, where each service gateway is for the same purpose. And a gateway that transmits the service data in parallel, and limits the service transmission rate of the service data according to the respective current limit thresholds; the service transmission rate information is used to indicate the service for the destination address on each service gateway. a transmission rate; the specified value satisfies the condition that the sum of the specified values on the service gateways is not greater than the bandwidth allocated by the operator for the destination address;

Each service gateway in the service gateway group is configured to report the service transmission rate information and limit the service transmission rate for the destination address on each service gateway according to the received specified threshold.
A control system for a service transmission rate, comprising: a service gateway group, wherein

The specified service gateway in the service gateway group is configured to receive service transmission rate information reported by other service gateways other than the specified service gateway in the service gateway group; and on any service gateway in the service gateway group When the service transmission rate is greater than the traffic limiting threshold corresponding to the service gateway, the current limiting threshold allocated to each service gateway in the service gateway group is adjusted to a specified value to obtain the specified threshold; and the The specified threshold is sent to the other service gateways.

Each service gateway is a gateway that transmits service data in parallel to the same destination address, and limits a service transmission rate of the service data according to a respective traffic limiting threshold; the service transmission rate information is used to indicate that The service transmission rate of the destination address on the service gateway; the specified value satisfies the following condition: the sum of the specified values on the service gateways is not greater than the bandwidth allocated by the operator for the destination address.
The system according to claim 15, wherein the designated service gateway is a service gateway determined by:

Performing a hash operation on the data of the destination address, and selecting the specified service gateway from the service gateway group according to the operation result.